Lucene search
+L

1089 matches found

OpenVAS
OpenVAS
added 2025/07/10 12:0 a.m.3 views

Ubuntu: Security Advisory (USN-7623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.01425EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/16 6:58 p.m.14 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to to Cross-Site Request Forgery (CSRF) due to insecure debugger access in Werkzeug ( CVE-2024-34069)

Summary Potential vulnerabilities in Werkzeug has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. The debugger in affected version...

7.5CVSS7.4AI score0.03397EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/12 12:0 a.m.10 views

Dell Wyse Management Suite < 5.2 Multiple Vulnerabilities (DSA-2025-226)

The version of Dell Wyse Management Suite installed on the remote host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2025-226 advisory, including: - Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal...

8.2CVSS6AI score0.00421EPSS
Exploits0References9
CVE
CVE
added 2025/06/10 5:39 p.m.51 views

CVE-2025-36580

Dell Wyse Management Suite (WMS) before version 5.2 is affected by CVE-2025-36580 due to improper input neutralization during web page generation, enabling cross-site scripting. The vulnerability affects WMS when handling web requests from remote attackers with high privileges; exploitation could...

6.1CVSS7.2AI score0.00249EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 3:23 a.m.9 views

CVE-2023-25015

Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF...

6.5CVSS6.8AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.5 views

WordPress plugin Crossword Compiler Puzzles 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue vulnerability...

9.9CVSS8.7AI score0.00416EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.9 views

PT-2025-22822 · Thehive · Thehive

Name of the Vulnerable Software and Affected Versions: TheHive versions 5.2.0 through 5.2.15 TheHive versions 5.3.0 through 5.3.10 TheHive versions 5.4.0 through 5.4.9 TheHive versions 5.5.0 Description: A Server-Side Request Forgery SSRF issue allows remote authenticated attackers with admin...

4.6CVSS6.3AI score0.00355EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:49 p.m.10 views

CVE-2022-30517

Mogu blog 5.2 is vulnerable to Cross Site Scripting XSS...

6.1CVSS6.5AI score0.0059EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:58 p.m.17 views

CVE-2020-23520

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality...

7.2CVSS7.8AI score0.02156EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.29 views

CVE-2020-25790

Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being...

7.2CVSS7.8AI score0.15578EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 a.m.8 views

CVE-2019-8510

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout...

5.5CVSS5.3AI score0.00346EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:0 a.m.12 views

CVE-2019-8516

A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service...

7.5CVSS5.7AI score0.01836EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.9 views

CVE-2019-8541

A privacy issue existed in motion sensor calibration. This issue was addressed with improved motion sensor processing. This issue is fixed in iOS 12.2, watchOS 5.2. A malicious app may be able to track users between installs...

3.3CVSS5.6AI score0.00334EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.10 views

CVE-2019-8548

An issue existed where partially entered passcodes may not clear when the device went to sleep. This issue was addressed by clearing the passcode when a locked device sleeps. This issue is fixed in watchOS 5.2. A partially entered passcode may not clear when the device goes to sleep...

2.4CVSS6.3AI score0.00288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.8 views

CVE-2019-8532

A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files...

5.5CVSS6.2AI score0.00683EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.10 views

CVE-2019-8514

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. An application may be able to gain elevated privileges...

7.8CVSS5.9AI score0.03097EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:16 a.m.10 views

CVE-2018-1000854

esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable vi...

9.8CVSS7.4AI score0.0316EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:6 p.m.17 views

CVE-2003-0784

Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers...

10CVSS7.2AI score0.02006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:8 p.m.19 views

CVE-1999-0363

SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise...

7.2CVSS7.5AI score0.00779EPSS
Exploits0References1
NVD
NVD
added 2025/05/15 7:15 p.m.15 views

CVE-2025-30475

Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an improper privilege management vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to elevation of privileges...

9.8CVSS0.0033EPSS
Exploits0References1
Rows per page
Query Builder